One of my services contains:
[Service]
User=%I
PAMName=login
PermissionsStartOnly=true
ExecStartPre=/usr/bin/x-daemon -nolisten tcp -noreset vt1
I noticed that the execution of the x-daemon process opens a PAM session. I feel this should not be the case: the session is for some specified user, while the script runs as root.
Changing line 1287 of src/core/execute.c to read:
err = setup_pam(apply_permissions && context->pam_name, username, uid, context->tty_path, &pam_env, fds, n_fds);
doesn't seem to do the trick. It looks like the process gets killed but the only thing I am certain of is that my system hangs.
For reference, this is the contents of the x-daemon script:
#! /bin/bash
trap "exit 0" USR1
(
trap "" USR1
exec /usr/bin/X "$@"
) &
wait
exit 1

Believe it or not, but the change in Git is what I meant and tested.
I must have been very tired when copying and even editing the wrong line, here.
As I mentioned, the system locks up in the 'fixed' case. Perhaps it is not really fixed just yet.